feat(open-webui): deploy Open WebUI with litellm backend #172

Open
unkinben wants to merge 4 commits from issue-155-open-webui-litellm into main

4 Commits

Author SHA1 Message Date
unkinben 3d85105afd feat(open-webui): HA deployment with CNPG, PDB, and session persistence
ci/woodpecker/pr/pre-commit Pipeline was successful
ci/woodpecker/pr/kubeconform Pipeline failed
- Switch from SQLite/PVC to CNPG PostgreSQL (3 instances, low-resource)
  with a transaction-mode PgBouncer pooler (2 instances)
- Raise open-webui replicas to 3 with priorityClassName: power
- Add PodDisruptionBudget (minAvailable: 1)
- Add Gateway API sessionPersistence (cookie) on the HTTPS HTTPRoute
  so WebSocket connections stick to the same backend pod
- Add postgres-credentials VaultStaticSecret; DATABASE_URL must be
  added to kv/kubernetes/namespace/open-webui/default/open-webui-credentials
2026-05-26 23:37:10 +10:00
unkinben 85a8cfe47d fix(open-webui): use traefik-internal gateway for chat hostname
ci/woodpecker/pr/pre-commit Pipeline was successful
ci/woodpecker/pr/kubeconform Pipeline was successful
2026-05-26 23:26:01 +10:00
unkinben 16dabbbf8d fix(open-webui): use litellm external hostname as OPENAI_API_BASE_URL
ci/woodpecker/pr/pre-commit Pipeline was canceled
ci/woodpecker/pr/kubeconform Pipeline was canceled
2026-05-26 23:25:26 +10:00
unkinben 1bcb88d3dd feat(open-webui): deploy Open WebUI with litellm backend
ci/woodpecker/pr/pre-commit Pipeline was successful
ci/woodpecker/pr/kubeconform Pipeline was successful
Deploys Open WebUI (chat.k8s.syd1.au.unkin.net) into the open-webui
namespace via the aitooling ArgoCD project. Uses SQLite with a 10Gi
cephrbd PVC for persistence, routes model requests to the existing
litellm deployment, and exposes the UI through the traefik-external
gateway. Credentials (OPENAI_API_KEY, WEBUI_SECRET_KEY) are injected
via VaultStaticSecret from kv/kubernetes/namespace/open-webui/default.

Closes #155
2026-05-26 00:11:25 +10:00